You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@rtgdk I'm not sure where the code is that needs to be updated, but there is a call to the Github API's where a URL is passed as a parameter for the authentication callback. That code should be changed from http:// to https://
I'm not sure if this is a security vulnerability, but the redirect probably should use HTTP rather than HTTPS.
Just changing it to HTTPS will likely mess up those running the spdx-online-tools in test environments or local development environments.
Perhaps the System configuration debug could be checked and the appropriate redirect made.
NOTE: the Github Auth configurations need to be updated to HTTPS as well as the code once this goes into production.
The text was updated successfully, but these errors were encountered: